TSEC no longer has access to the kernel carveout, and TSECB now has access to the kernel carveout.

The Read/Write access levels were changed from 1 to 9, to facilitate this.

Kernel

Kernel initialization has changed significantly.

There is now a new loader program ("kernelldr") that runs before the kernel, and sets up KASLR/memory/etc. (kernelldr has its own .dynamic section).

The INI1 containing the Initial Programs is no longer its own section inside of Package2. It is instead now embedded inside the kernel section, with kernelldr preparing it for the kernel.

svcQueryIoMapping no longer accepts unaligned addresses as input when (input physaddr >= 0x1000). In addition, when input physaddr is < 0x1000, the kernel takes a new codepath to convert this to a different physical address.

<check back later for more detailed diffs>

Warmboot

The firmware revision magic was not changed.

FIRM Sysmodules

All FIRM sysmodules were updated. Specific diffs for a few sysmodules are below <check back later, to be updated>:

pm:shell now has a new command (9), which does abort() in normal FIRM. However, when in safe mode, it returns a handle to an event that is signaled on IShellService->NotifyBootFinished(), before the embedded safemode boot2 runs.